Running Kali Linux in the cloud, the honest way

Two years ago I needed Kali for a single afternoon. CTF challenge, recon work, a couple of port scans, done by dinner. My laptop's an M1 MacBook Air, so Kali in a local VM wasn't happening. I had four options that day.

Buy an AWS EC2 instance. Subscribe to the Kali Marketplace AMI. Configure SSH. Open ports in a security group. Pay until I remembered to shut it down. Spoiler: I forgot until Tuesday.

Hyper-V on a borrowed Windows laptop. About 90 minutes of setup pain.

A Linode or DigitalOcean VPS. No Kali AMI on either, so I'd manually layer Kali tooling over a Debian install. Two hours of apt install kali-*-large plus a tunneled X session for the few tools that need a GUI.

Online Kali sandboxes like Hak5's. Limited, timeboxed, can't bring your own files.

I picked option 1, paid AWS $4 for 18 hours because I forgot to terminate, and decided this whole experience needed to be 5 minutes, not 5 hours.

That's the genesis of DeskBoot.

Today's flow

1. Sign up. Verify phone. Add card.
2. /dashboard/sessions/new → Kali Linux → Standard → us-east-1 → Launch
3. Wait ~8 minutes (Kali AMI doesn't ship the SSM agent, so first boot
   installs it, then we bootstrap xrdp + create your user).
4. Connect via SSH or RDP using the credentials shown in the dashboard.
5. Run your audit, take notes, push anything you want to keep to S3.
6. Click Terminate. Billing stops the moment AWS confirms it's gone.

The fastest "Kali in the cloud" you can get without us is roughly: sign up for AWS, accept the Marketplace EULA, launch in the Console, configure a security group, SSH in. Best case 15 minutes if you've done it before. With DeskBoot it's the same 8 minutes whether it's your first time or your hundredth, and the price tracks the underlying EC2 rate plus a small per-second markup.

What we don't pretend to be

Persistent storage between sessions. We're stateless on purpose. If you need to keep a toolset between runs, push a snapshot to S3 and pull it on next launch. Stateful workspaces are on the roadmap, but they're a much bigger surface area than the current model and we'd rather get the launch experience right first.

A static public IP. Each session gets whatever AWS hands out. If you need the same IP across launches (because someone's firewall is whitelisting you), allocate an Elastic IP from the dashboard — $5/mo to hold it while you're not using it.

What surprises people

A 90-second nmap run costs you less than a quarter. Per-second billing means the question "is it worth launching for 20 minutes of work" stops being a question. Auto-stop kicks in when your balance hits zero, so the AWS-bill horror story (forgot to terminate, came back to a $400 invoice) can't happen here.

If this is the kind of friction you've also been hitting, sign up at deskboot.store. First 50 testers get $50 in credits — DM me on LinkedIn for a code.